Juniper Junos OS Networks Deep Packet Inspection-Decoder improperly controlled sequential memory allocation
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.8 | $0-$5k | 0.00 |
Summary
A vulnerability marked as critical has been reported in Juniper Junos OS. Impacted is an unknown function of the component Networks Deep Packet Inspection-Decoder. Performing a manipulation results in improperly controlled sequential memory allocation. This vulnerability is cataloged as CVE-2023-28968. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.
Details
A vulnerability, which was classified as critical, was found in Juniper Junos OS (Router Operating System) (the affected version is unknown). This affects an unknown code of the component Networks Deep Packet Inspection-Decoder. The manipulation with an unknown input leads to a improperly controlled sequential memory allocation vulnerability. CWE is classifying the issue as CWE-1325. The product manages a group of objects or resources and performs a separate memory allocation for each object, but it does not properly limit the total amount of memory that is consumed by all of the combined objects. This is going to have an impact on integrity, and availability. The summary by CVE is:
An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic, allowing an unauthenticated network-based attacker to send traffic to the target device using the JDPI-Decoder, designed to inspect dynamic application traffic and take action upon this traffic, to instead begin to not take action and to pass the traffic through. An example session can be seen by running the following command and evaluating the output. user@device# run show security flow session source-prefix extensive Session ID: , Status: Normal, State: Active Policy name: Dynamic application: junos:UNKNOWN, <<<<< LOOK HERE Please note, the JDPI-Decoder and the AppID SigPack are both affected and both must be upgraded along with the operating system to address the matter. By default, none of this is auto-enabled for automatic updates. This issue affects: Juniper Networks any version of the JDPI-Decoder Engine prior to version 5.7.0-47 with the JDPI-Decoder enabled using any version of the AppID SigPack prior to version 1.550.2-31 (SigPack 3533) on Junos OS on SRX Series: All versions prior to 19.1R3-S10; 19.2 versions prior to 19.2R3-S7; 19.3 versions prior to 19.3R3-S8; 19.4 versions prior to 19.4R3-S11; 20.1 version 20.1R1 and later versions prior to 20.2R3-S7; 20.3 version 20.3R1 and later versions prior to 20.4R3-S6; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S1, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2;
The weakness was shared 04/18/2023 as JSA70592. The advisory is shared at supportportal.juniper.net. This vulnerability is uniquely identified as CVE-2023-28968 since 03/29/2023. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $0-$5k at the moment (estimation calculated on 12/08/2025).
Upgrading eliminates this vulnerability. The upgrade is hosted for download at juniper.net.
The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2023-32586). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Type
Vendor
Name
License
Website
- Vendor: https://www.juniper.net/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.9VulDB Meta Temp Score: 5.8
VulDB Base Score: 6.5
VulDB Temp Score: 6.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
CNA Base Score: 5.3
CNA Vector (Juniper Networks, Inc.): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Improperly controlled sequential memory allocationCWE: CWE-1325
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: juniper.net
Timeline
03/29/2023 🔍04/18/2023 🔍
04/18/2023 🔍
12/08/2025 🔍
Sources
Vendor: juniper.netAdvisory: JSA70592
Status: Confirmed
CVE: CVE-2023-28968 (🔍)
GCVE (CVE): GCVE-0-2023-28968
GCVE (VulDB): GCVE-100-226209
EUVD: 🔍
Entry
Created: 04/18/2023 09:00Updated: 12/08/2025 00:12
Changes: 04/18/2023 09:00 (50), 12/08/2025 00:12 (16)
Complete: 🔍
Cache ID: 216::103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
No comments yet. Languages: en.
Please log in to comment.